If you want the SSL Padlock on your website to look fully green and perfect, then you will have to follow the security standards given by the browsers your customers mostly visit using. As it happens, Internet Explorer, Chrome, Firefox are the most commonly used browsers by the world. These browsers show the padlock of an website in their own unique way and also the warning messages associated with them.

# Chrome says, “Your connection to example.com is encrypted with obsolete cryptography.”. There are two reasons for this message to show up:

1. TLS

The warning message will appear if TLS 1.2+ is not supported.

2. Cipher Suites

The warning message will also appear if insecure cipher suites (e.g., RC4) are enabled.

To Fix Obsolete Cryptography issue, enable support for TLS 1.2+ and also secure cipher suites (AES_128_GCM). If you are using deprecated cipher suites for backwards compatibility then you need to prioritize AES_128_GCM over the other cipher suites (i.e simply move GCM cipher suites to the top of of your cipher suite list). Other cipher suites are known to have weaknesses. Most servers will wish to negotiate TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.

Use our SSL Analyzer to discover which cipher suites you have enabled on your server.

#Firefox and Chrome says your website's connection is not secure and some parts of this webpage are insecure. You see this message because your website contains insecure URL's. For example,

So, you need to find such lines of code in your website and change the protocol of the URL from HTTP to 'HTTPS'. To find the insecure URL's on Google Chrome, follow the below instructions.

1. While on your website in Chrome, simply press F12 (or) Click the padlock icon and the open 'Details'. It will open a window like following,

2. Click 'View requests in Network Panel', the next page will ask you to 'Press F5'. Do it and wait for Chrome to find the insecure URL's on your website !

3. Now that you have found the insecure URL's, find the corresponding lines of code on your website and change the URL to use 'HTTPS'. If you have changed all the URL's to use 'HTTPS', then you will see the change just like the below screenshot.